diff options
Diffstat (limited to 'nss/lib/ckfw/mechanism.c')
-rw-r--r-- | nss/lib/ckfw/mechanism.c | 1280 |
1 files changed, 600 insertions, 680 deletions
diff --git a/nss/lib/ckfw/mechanism.c b/nss/lib/ckfw/mechanism.c index 14baf02..fe20aa9 100644 --- a/nss/lib/ckfw/mechanism.c +++ b/nss/lib/ckfw/mechanism.c @@ -55,13 +55,12 @@ * nssCKFWMechanism_DeriveKey */ - struct NSSCKFWMechanismStr { - NSSCKMDMechanism *mdMechanism; - NSSCKMDToken *mdToken; - NSSCKFWToken *fwToken; - NSSCKMDInstance *mdInstance; - NSSCKFWInstance *fwInstance; + NSSCKMDMechanism *mdMechanism; + NSSCKMDToken *mdToken; + NSSCKFWToken *fwToken; + NSSCKMDInstance *mdInstance; + NSSCKFWInstance *fwInstance; }; /* @@ -69,28 +68,25 @@ struct NSSCKFWMechanismStr { * */ NSS_IMPLEMENT NSSCKFWMechanism * -nssCKFWMechanism_Create -( - NSSCKMDMechanism *mdMechanism, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance -) +nssCKFWMechanism_Create( + NSSCKMDMechanism *mdMechanism, + NSSCKMDToken *mdToken, + NSSCKFWToken *fwToken, + NSSCKMDInstance *mdInstance, + NSSCKFWInstance *fwInstance) { - NSSCKFWMechanism *fwMechanism; - - - fwMechanism = nss_ZNEW(NULL, NSSCKFWMechanism); - if (!fwMechanism) { - return (NSSCKFWMechanism *)NULL; - } - fwMechanism->mdMechanism = mdMechanism; - fwMechanism->mdToken = mdToken; - fwMechanism->fwToken = fwToken; - fwMechanism->mdInstance = mdInstance; - fwMechanism->fwInstance = fwInstance; - return fwMechanism; + NSSCKFWMechanism *fwMechanism; + + fwMechanism = nss_ZNEW(NULL, NSSCKFWMechanism); + if (!fwMechanism) { + return (NSSCKFWMechanism *)NULL; + } + fwMechanism->mdMechanism = mdMechanism; + fwMechanism->mdToken = mdToken; + fwMechanism->fwToken = fwToken; + fwMechanism->mdInstance = mdInstance; + fwMechanism->fwInstance = fwInstance; + return fwMechanism; } /* @@ -98,24 +94,22 @@ nssCKFWMechanism_Create * */ NSS_IMPLEMENT void -nssCKFWMechanism_Destroy -( - NSSCKFWMechanism *fwMechanism -) +nssCKFWMechanism_Destroy( + NSSCKFWMechanism *fwMechanism) { - /* destroy any fw resources held by nssCKFWMechanism (currently none) */ - - if (!fwMechanism->mdMechanism->Destroy) { - /* destroys it's parent as well */ - fwMechanism->mdMechanism->Destroy( - fwMechanism->mdMechanism, - fwMechanism, - fwMechanism->mdInstance, - fwMechanism->fwInstance); - } - /* if the Destroy function wasn't supplied, then the mechanism is 'static', - * and there is nothing to destroy */ - return; + /* destroy any fw resources held by nssCKFWMechanism (currently none) */ + + if (fwMechanism->mdMechanism->Destroy) { + /* destroys it's parent as well */ + fwMechanism->mdMechanism->Destroy( + fwMechanism->mdMechanism, + fwMechanism, + fwMechanism->mdInstance, + fwMechanism->fwInstance); + } + /* if the Destroy function wasn't supplied, then the mechanism is 'static', + * and there is nothing to destroy */ + return; } /* @@ -123,12 +117,10 @@ nssCKFWMechanism_Destroy * */ NSS_IMPLEMENT NSSCKMDMechanism * -nssCKFWMechanism_GetMDMechanism -( - NSSCKFWMechanism *fwMechanism -) +nssCKFWMechanism_GetMDMechanism( + NSSCKFWMechanism *fwMechanism) { - return fwMechanism->mdMechanism; + return fwMechanism->mdMechanism; } /* @@ -136,19 +128,17 @@ nssCKFWMechanism_GetMDMechanism * */ NSS_IMPLEMENT CK_ULONG -nssCKFWMechanism_GetMinKeySize -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetMinKeySize( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->GetMinKeySize) { - return 0; - } + if (!fwMechanism->mdMechanism->GetMinKeySize) { + return 0; + } - return fwMechanism->mdMechanism->GetMinKeySize(fwMechanism->mdMechanism, - fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, pError); + return fwMechanism->mdMechanism->GetMinKeySize(fwMechanism->mdMechanism, + fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, pError); } /* @@ -156,19 +146,17 @@ nssCKFWMechanism_GetMinKeySize * */ NSS_IMPLEMENT CK_ULONG -nssCKFWMechanism_GetMaxKeySize -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetMaxKeySize( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->GetMaxKeySize) { - return 0; - } + if (!fwMechanism->mdMechanism->GetMaxKeySize) { + return 0; + } - return fwMechanism->mdMechanism->GetMaxKeySize(fwMechanism->mdMechanism, - fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, pError); + return fwMechanism->mdMechanism->GetMaxKeySize(fwMechanism->mdMechanism, + fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, pError); } /* @@ -176,22 +164,19 @@ nssCKFWMechanism_GetMaxKeySize * */ NSS_IMPLEMENT CK_BBOOL -nssCKFWMechanism_GetInHardware -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetInHardware( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->GetInHardware) { - return CK_FALSE; - } + if (!fwMechanism->mdMechanism->GetInHardware) { + return CK_FALSE; + } - return fwMechanism->mdMechanism->GetInHardware(fwMechanism->mdMechanism, - fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, pError); + return fwMechanism->mdMechanism->GetInHardware(fwMechanism->mdMechanism, + fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, pError); } - /* * the following are determined automatically by which of the cryptographic * functions are defined for this mechanism. @@ -201,16 +186,14 @@ nssCKFWMechanism_GetInHardware * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanEncrypt -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanEncrypt( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->EncryptInit) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->EncryptInit) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -218,16 +201,14 @@ nssCKFWMechanism_GetCanEncrypt * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanDecrypt -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanDecrypt( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->DecryptInit) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->DecryptInit) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -235,16 +216,14 @@ nssCKFWMechanism_GetCanDecrypt * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanDigest -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanDigest( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->DigestInit) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->DigestInit) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -252,16 +231,14 @@ nssCKFWMechanism_GetCanDigest * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanSign -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanSign( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->SignInit) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->SignInit) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -269,16 +246,14 @@ nssCKFWMechanism_GetCanSign * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanSignRecover -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanSignRecover( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->SignRecoverInit) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->SignRecoverInit) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -286,16 +261,14 @@ nssCKFWMechanism_GetCanSignRecover * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanVerify -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanVerify( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->VerifyInit) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->VerifyInit) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -303,16 +276,14 @@ nssCKFWMechanism_GetCanVerify * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanVerifyRecover -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanVerifyRecover( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->VerifyRecoverInit) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->VerifyRecoverInit) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -320,16 +291,14 @@ nssCKFWMechanism_GetCanVerifyRecover * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanGenerate -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanGenerate( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->GenerateKey) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->GenerateKey) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -337,16 +306,14 @@ nssCKFWMechanism_GetCanGenerate * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanGenerateKeyPair -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanGenerateKeyPair( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->GenerateKeyPair) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->GenerateKeyPair) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -354,16 +321,14 @@ nssCKFWMechanism_GetCanGenerateKeyPair * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanUnwrap -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanUnwrap( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->UnwrapKey) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->UnwrapKey) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -371,16 +336,14 @@ nssCKFWMechanism_GetCanUnwrap * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanWrap -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanWrap( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->WrapKey) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->WrapKey) { + return CK_FALSE; + } + return CK_TRUE; } /* @@ -388,55 +351,50 @@ nssCKFWMechanism_GetCanWrap * */ NSS_EXTERN CK_BBOOL -nssCKFWMechanism_GetCanDerive -( - NSSCKFWMechanism *fwMechanism, - CK_RV *pError -) +nssCKFWMechanism_GetCanDerive( + NSSCKFWMechanism *fwMechanism, + CK_RV *pError) { - if (!fwMechanism->mdMechanism->DeriveKey) { - return CK_FALSE; - } - return CK_TRUE; + if (!fwMechanism->mdMechanism->DeriveKey) { + return CK_FALSE; + } + return CK_TRUE; } /* * These are the actual crypto operations */ -/* +/* * nssCKFWMechanism_EncryptInit * Start an encryption session. */ NSS_EXTERN CK_RV -nssCKFWMechanism_EncryptInit -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwObject -) +nssCKFWMechanism_EncryptInit( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM *pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwObject) { - NSSCKFWCryptoOperation *fwOperation; - NSSCKMDCryptoOperation *mdOperation; - NSSCKMDSession *mdSession; - NSSCKMDObject *mdObject; - CK_RV error = CKR_OK; - - - fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, - NSSCKFWCryptoOperationState_EncryptDecrypt); - if (fwOperation) { - return CKR_OPERATION_ACTIVE; - } - - if (!fwMechanism->mdMechanism->EncryptInit) { - return CKR_FUNCTION_FAILED; - } - - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdObject = nssCKFWObject_GetMDObject(fwObject); - mdOperation = fwMechanism->mdMechanism->EncryptInit( + NSSCKFWCryptoOperation *fwOperation; + NSSCKMDCryptoOperation *mdOperation; + NSSCKMDSession *mdSession; + NSSCKMDObject *mdObject; + CK_RV error = CKR_OK; + + fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, + NSSCKFWCryptoOperationState_EncryptDecrypt); + if (fwOperation) { + return CKR_OPERATION_ACTIVE; + } + + if (!fwMechanism->mdMechanism->EncryptInit) { + return CKR_FUNCTION_FAILED; + } + + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdObject = nssCKFWObject_GetMDObject(fwObject); + mdOperation = fwMechanism->mdMechanism->EncryptInit( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -448,58 +406,54 @@ nssCKFWMechanism_EncryptInit fwMechanism->fwInstance, mdObject, fwObject, - &error - ); - if (!mdOperation) { - goto loser; - } - - fwOperation = nssCKFWCryptoOperation_Create(mdOperation, - mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, - NSSCKFWCryptoOperationType_Encrypt, &error); - if (fwOperation) { - nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, - NSSCKFWCryptoOperationState_EncryptDecrypt); - } + &error); + if (!mdOperation) { + goto loser; + } + + fwOperation = nssCKFWCryptoOperation_Create(mdOperation, + mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, + NSSCKFWCryptoOperationType_Encrypt, &error); + if (fwOperation) { + nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, + NSSCKFWCryptoOperationState_EncryptDecrypt); + } loser: - return error; + return error; } -/* +/* * nssCKFWMechanism_DecryptInit * Start an encryption session. */ NSS_EXTERN CK_RV -nssCKFWMechanism_DecryptInit -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwObject -) +nssCKFWMechanism_DecryptInit( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM *pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwObject) { - NSSCKFWCryptoOperation *fwOperation; - NSSCKMDCryptoOperation *mdOperation; - NSSCKMDSession *mdSession; - NSSCKMDObject *mdObject; - CK_RV error = CKR_OK; - - - fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, - NSSCKFWCryptoOperationState_EncryptDecrypt); - if (fwOperation) { - return CKR_OPERATION_ACTIVE; - } - - if (!fwMechanism->mdMechanism->DecryptInit) { - return CKR_FUNCTION_FAILED; - } - - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdObject = nssCKFWObject_GetMDObject(fwObject); - mdOperation = fwMechanism->mdMechanism->DecryptInit( + NSSCKFWCryptoOperation *fwOperation; + NSSCKMDCryptoOperation *mdOperation; + NSSCKMDSession *mdSession; + NSSCKMDObject *mdObject; + CK_RV error = CKR_OK; + + fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, + NSSCKFWCryptoOperationState_EncryptDecrypt); + if (fwOperation) { + return CKR_OPERATION_ACTIVE; + } + + if (!fwMechanism->mdMechanism->DecryptInit) { + return CKR_FUNCTION_FAILED; + } + + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdObject = nssCKFWObject_GetMDObject(fwObject); + mdOperation = fwMechanism->mdMechanism->DecryptInit( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -511,55 +465,51 @@ nssCKFWMechanism_DecryptInit fwMechanism->fwInstance, mdObject, fwObject, - &error - ); - if (!mdOperation) { - goto loser; - } - - fwOperation = nssCKFWCryptoOperation_Create(mdOperation, - mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, - NSSCKFWCryptoOperationType_Decrypt, &error); - if (fwOperation) { - nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, - NSSCKFWCryptoOperationState_EncryptDecrypt); - } + &error); + if (!mdOperation) { + goto loser; + } + + fwOperation = nssCKFWCryptoOperation_Create(mdOperation, + mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, + NSSCKFWCryptoOperationType_Decrypt, &error); + if (fwOperation) { + nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, + NSSCKFWCryptoOperationState_EncryptDecrypt); + } loser: - return error; + return error; } -/* +/* * nssCKFWMechanism_DigestInit * Start an encryption session. */ NSS_EXTERN CK_RV -nssCKFWMechanism_DigestInit -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKFWSession *fwSession -) +nssCKFWMechanism_DigestInit( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM *pMechanism, + NSSCKFWSession *fwSession) { - NSSCKFWCryptoOperation *fwOperation; - NSSCKMDCryptoOperation *mdOperation; - NSSCKMDSession *mdSession; - CK_RV error = CKR_OK; - - - fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, - NSSCKFWCryptoOperationState_Digest); - if (fwOperation) { - return CKR_OPERATION_ACTIVE; - } + NSSCKFWCryptoOperation *fwOperation; + NSSCKMDCryptoOperation *mdOperation; + NSSCKMDSession *mdSession; + CK_RV error = CKR_OK; + + fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, + NSSCKFWCryptoOperationState_Digest); + if (fwOperation) { + return CKR_OPERATION_ACTIVE; + } - if (!fwMechanism->mdMechanism->DigestInit) { - return CKR_FUNCTION_FAILED; - } + if (!fwMechanism->mdMechanism->DigestInit) { + return CKR_FUNCTION_FAILED; + } - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdOperation = fwMechanism->mdMechanism->DigestInit( + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdOperation = fwMechanism->mdMechanism->DigestInit( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -569,58 +519,54 @@ nssCKFWMechanism_DigestInit fwMechanism->fwToken, fwMechanism->mdInstance, fwMechanism->fwInstance, - &error - ); - if (!mdOperation) { - goto loser; - } - - fwOperation = nssCKFWCryptoOperation_Create(mdOperation, - mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, - NSSCKFWCryptoOperationType_Digest, &error); - if (fwOperation) { - nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, - NSSCKFWCryptoOperationState_Digest); - } + &error); + if (!mdOperation) { + goto loser; + } + + fwOperation = nssCKFWCryptoOperation_Create(mdOperation, + mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, + NSSCKFWCryptoOperationType_Digest, &error); + if (fwOperation) { + nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, + NSSCKFWCryptoOperationState_Digest); + } loser: - return error; + return error; } -/* +/* * nssCKFWMechanism_SignInit * Start an encryption session. */ NSS_EXTERN CK_RV -nssCKFWMechanism_SignInit -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwObject -) +nssCKFWMechanism_SignInit( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM *pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwObject) { - NSSCKFWCryptoOperation *fwOperation; - NSSCKMDCryptoOperation *mdOperation; - NSSCKMDSession *mdSession; - NSSCKMDObject *mdObject; - CK_RV error = CKR_OK; - - - fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, - NSSCKFWCryptoOperationState_SignVerify); - if (fwOperation) { - return CKR_OPERATION_ACTIVE; - } - - if (!fwMechanism->mdMechanism->SignInit) { - return CKR_FUNCTION_FAILED; - } - - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdObject = nssCKFWObject_GetMDObject(fwObject); - mdOperation = fwMechanism->mdMechanism->SignInit( + NSSCKFWCryptoOperation *fwOperation; + NSSCKMDCryptoOperation *mdOperation; + NSSCKMDSession *mdSession; + NSSCKMDObject *mdObject; + CK_RV error = CKR_OK; + + fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, + NSSCKFWCryptoOperationState_SignVerify); + if (fwOperation) { + return CKR_OPERATION_ACTIVE; + } + + if (!fwMechanism->mdMechanism->SignInit) { + return CKR_FUNCTION_FAILED; + } + + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdObject = nssCKFWObject_GetMDObject(fwObject); + mdOperation = fwMechanism->mdMechanism->SignInit( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -632,58 +578,54 @@ nssCKFWMechanism_SignInit fwMechanism->fwInstance, mdObject, fwObject, - &error - ); - if (!mdOperation) { - goto loser; - } - - fwOperation = nssCKFWCryptoOperation_Create(mdOperation, - mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, - NSSCKFWCryptoOperationType_Sign, &error); - if (fwOperation) { - nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, - NSSCKFWCryptoOperationState_SignVerify); - } + &error); + if (!mdOperation) { + goto loser; + } + + fwOperation = nssCKFWCryptoOperation_Create(mdOperation, + mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, + NSSCKFWCryptoOperationType_Sign, &error); + if (fwOperation) { + nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, + NSSCKFWCryptoOperationState_SignVerify); + } loser: - return error; + return error; } -/* +/* * nssCKFWMechanism_VerifyInit * Start an encryption session. */ NSS_EXTERN CK_RV -nssCKFWMechanism_VerifyInit -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwObject -) +nssCKFWMechanism_VerifyInit( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM *pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwObject) { - NSSCKFWCryptoOperation *fwOperation; - NSSCKMDCryptoOperation *mdOperation; - NSSCKMDSession *mdSession; - NSSCKMDObject *mdObject; - CK_RV error = CKR_OK; - - - fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, - NSSCKFWCryptoOperationState_SignVerify); - if (fwOperation) { - return CKR_OPERATION_ACTIVE; - } - - if (!fwMechanism->mdMechanism->VerifyInit) { - return CKR_FUNCTION_FAILED; - } - - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdObject = nssCKFWObject_GetMDObject(fwObject); - mdOperation = fwMechanism->mdMechanism->VerifyInit( + NSSCKFWCryptoOperation *fwOperation; + NSSCKMDCryptoOperation *mdOperation; + NSSCKMDSession *mdSession; + NSSCKMDObject *mdObject; + CK_RV error = CKR_OK; + + fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, + NSSCKFWCryptoOperationState_SignVerify); + if (fwOperation) { + return CKR_OPERATION_ACTIVE; + } + + if (!fwMechanism->mdMechanism->VerifyInit) { + return CKR_FUNCTION_FAILED; + } + + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdObject = nssCKFWObject_GetMDObject(fwObject); + mdOperation = fwMechanism->mdMechanism->VerifyInit( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -695,58 +637,54 @@ nssCKFWMechanism_VerifyInit fwMechanism->fwInstance, mdObject, fwObject, - &error - ); - if (!mdOperation) { - goto loser; - } - - fwOperation = nssCKFWCryptoOperation_Create(mdOperation, - mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, - NSSCKFWCryptoOperationType_Verify, &error); - if (fwOperation) { - nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, - NSSCKFWCryptoOperationState_SignVerify); - } + &error); + if (!mdOperation) { + goto loser; + } + + fwOperation = nssCKFWCryptoOperation_Create(mdOperation, + mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, + NSSCKFWCryptoOperationType_Verify, &error); + if (fwOperation) { + nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, + NSSCKFWCryptoOperationState_SignVerify); + } loser: - return error; + return error; } -/* +/* * nssCKFWMechanism_SignRecoverInit * Start an encryption session. */ NSS_EXTERN CK_RV -nssCKFWMechanism_SignRecoverInit -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwObject -) +nssCKFWMechanism_SignRecoverInit( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM *pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwObject) { - NSSCKFWCryptoOperation *fwOperation; - NSSCKMDCryptoOperation *mdOperation; - NSSCKMDSession *mdSession; - NSSCKMDObject *mdObject; - CK_RV error = CKR_OK; - - - fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, - NSSCKFWCryptoOperationState_SignVerify); - if (fwOperation) { - return CKR_OPERATION_ACTIVE; - } - - if (!fwMechanism->mdMechanism->SignRecoverInit) { - return CKR_FUNCTION_FAILED; - } - - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdObject = nssCKFWObject_GetMDObject(fwObject); - mdOperation = fwMechanism->mdMechanism->SignRecoverInit( + NSSCKFWCryptoOperation *fwOperation; + NSSCKMDCryptoOperation *mdOperation; + NSSCKMDSession *mdSession; + NSSCKMDObject *mdObject; + CK_RV error = CKR_OK; + + fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, + NSSCKFWCryptoOperationState_SignVerify); + if (fwOperation) { + return CKR_OPERATION_ACTIVE; + } + + if (!fwMechanism->mdMechanism->SignRecoverInit) { + return CKR_FUNCTION_FAILED; + } + + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdObject = nssCKFWObject_GetMDObject(fwObject); + mdOperation = fwMechanism->mdMechanism->SignRecoverInit( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -758,58 +696,54 @@ nssCKFWMechanism_SignRecoverInit fwMechanism->fwInstance, mdObject, fwObject, - &error - ); - if (!mdOperation) { - goto loser; - } - - fwOperation = nssCKFWCryptoOperation_Create(mdOperation, - mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, - NSSCKFWCryptoOperationType_SignRecover, &error); - if (fwOperation) { - nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, - NSSCKFWCryptoOperationState_SignVerify); - } + &error); + if (!mdOperation) { + goto loser; + } + + fwOperation = nssCKFWCryptoOperation_Create(mdOperation, + mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, + NSSCKFWCryptoOperationType_SignRecover, &error); + if (fwOperation) { + nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, + NSSCKFWCryptoOperationState_SignVerify); + } loser: - return error; + return error; } -/* +/* * nssCKFWMechanism_VerifyRecoverInit * Start an encryption session. */ NSS_EXTERN CK_RV -nssCKFWMechanism_VerifyRecoverInit -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwObject -) +nssCKFWMechanism_VerifyRecoverInit( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM *pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwObject) { - NSSCKFWCryptoOperation *fwOperation; - NSSCKMDCryptoOperation *mdOperation; - NSSCKMDSession *mdSession; - NSSCKMDObject *mdObject; - CK_RV error = CKR_OK; - - - fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, - NSSCKFWCryptoOperationState_SignVerify); - if (fwOperation) { - return CKR_OPERATION_ACTIVE; - } - - if (!fwMechanism->mdMechanism->VerifyRecoverInit) { - return CKR_FUNCTION_FAILED; - } - - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdObject = nssCKFWObject_GetMDObject(fwObject); - mdOperation = fwMechanism->mdMechanism->VerifyRecoverInit( + NSSCKFWCryptoOperation *fwOperation; + NSSCKMDCryptoOperation *mdOperation; + NSSCKMDSession *mdSession; + NSSCKMDObject *mdObject; + CK_RV error = CKR_OK; + + fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, + NSSCKFWCryptoOperationState_SignVerify); + if (fwOperation) { + return CKR_OPERATION_ACTIVE; + } + + if (!fwMechanism->mdMechanism->VerifyRecoverInit) { + return CKR_FUNCTION_FAILED; + } + + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdObject = nssCKFWObject_GetMDObject(fwObject); + mdOperation = fwMechanism->mdMechanism->VerifyRecoverInit( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -821,59 +755,56 @@ nssCKFWMechanism_VerifyRecoverInit fwMechanism->fwInstance, mdObject, fwObject, - &error - ); - if (!mdOperation) { - goto loser; - } - - fwOperation = nssCKFWCryptoOperation_Create(mdOperation, - mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, - fwMechanism->mdInstance, fwMechanism->fwInstance, - NSSCKFWCryptoOperationType_VerifyRecover, &error); - if (fwOperation) { - nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, - NSSCKFWCryptoOperationState_SignVerify); - } + &error); + if (!mdOperation) { + goto loser; + } + + fwOperation = nssCKFWCryptoOperation_Create(mdOperation, + mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, + fwMechanism->mdInstance, fwMechanism->fwInstance, + NSSCKFWCryptoOperationType_VerifyRecover, &error); + if (fwOperation) { + nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, + NSSCKFWCryptoOperationState_SignVerify); + } loser: - return error; + return error; } /* * nssCKFWMechanism_GenerateKey */ NSS_EXTERN NSSCKFWObject * -nssCKFWMechanism_GenerateKey -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM_PTR pMechanism, - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError -) +nssCKFWMechanism_GenerateKey( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM_PTR pMechanism, + NSSCKFWSession *fwSession, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulAttributeCount, + CK_RV *pError) { - NSSCKMDSession *mdSession; - NSSCKMDObject *mdObject; - NSSCKFWObject *fwObject = NULL; - NSSArena *arena; - - if (!fwMechanism->mdMechanism->GenerateKey) { - *pError = CKR_FUNCTION_FAILED; - return (NSSCKFWObject *)NULL; - } - - arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError); - if (!arena) { - if (CKR_OK == *pError) { - *pError = CKR_GENERAL_ERROR; + NSSCKMDSession *mdSession; + NSSCKMDObject *mdObject; + NSSCKFWObject *fwObject = NULL; + NSSArena *arena; + + if (!fwMechanism->mdMechanism->GenerateKey) { + *pError = CKR_FUNCTION_FAILED; + return (NSSCKFWObject *)NULL; + } + + arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError); + if (!arena) { + if (CKR_OK == *pError) { + *pError = CKR_GENERAL_ERROR; + } + return (NSSCKFWObject *)NULL; } - return (NSSCKFWObject *)NULL; - } - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdObject = fwMechanism->mdMechanism->GenerateKey( + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdObject = fwMechanism->mdMechanism->GenerateKey( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -887,53 +818,51 @@ nssCKFWMechanism_GenerateKey ulAttributeCount, pError); - if (!mdObject) { - return (NSSCKFWObject *)NULL; - } + if (!mdObject) { + return (NSSCKFWObject *)NULL; + } - fwObject = nssCKFWObject_Create(arena, mdObject, - fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError); + fwObject = nssCKFWObject_Create(arena, mdObject, + fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError); - return fwObject; + return fwObject; } /* * nssCKFWMechanism_GenerateKeyPair */ NSS_EXTERN CK_RV -nssCKFWMechanism_GenerateKeyPair -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM_PTR pMechanism, - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pPublicKeyTemplate, - CK_ULONG ulPublicKeyAttributeCount, - CK_ATTRIBUTE_PTR pPrivateKeyTemplate, - CK_ULONG ulPrivateKeyAttributeCount, - NSSCKFWObject **fwPublicKeyObject, - NSSCKFWObject **fwPrivateKeyObject -) +nssCKFWMechanism_GenerateKeyPair( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM_PTR pMechanism, + NSSCKFWSession *fwSession, + CK_ATTRIBUTE_PTR pPublicKeyTemplate, + CK_ULONG ulPublicKeyAttributeCount, + CK_ATTRIBUTE_PTR pPrivateKeyTemplate, + CK_ULONG ulPrivateKeyAttributeCount, + NSSCKFWObject **fwPublicKeyObject, + NSSCKFWObject **fwPrivateKeyObject) { - NSSCKMDSession *mdSession; - NSSCKMDObject *mdPublicKeyObject; - NSSCKMDObject *mdPrivateKeyObject; - NSSArena *arena; - CK_RV error = CKR_OK; - - if (!fwMechanism->mdMechanism->GenerateKeyPair) { - return CKR_FUNCTION_FAILED; - } - - arena = nssCKFWToken_GetArena(fwMechanism->fwToken, &error); - if (!arena) { - if (CKR_OK == error) { - error = CKR_GENERAL_ERROR; + NSSCKMDSession *mdSession; + NSSCKMDObject *mdPublicKeyObject; + NSSCKMDObject *mdPrivateKeyObject; + NSSArena *arena; + CK_RV error = CKR_OK; + + if (!fwMechanism->mdMechanism->GenerateKeyPair) { + return CKR_FUNCTION_FAILED; + } + + arena = nssCKFWToken_GetArena(fwMechanism->fwToken, &error); + if (!arena) { + if (CKR_OK == error) { + error = CKR_GENERAL_ERROR; + } + return error; } - return error; - } - mdSession = nssCKFWSession_GetMDSession(fwSession); - error = fwMechanism->mdMechanism->GenerateKeyPair( + mdSession = nssCKFWSession_GetMDSession(fwSession); + error = fwMechanism->mdMechanism->GenerateKeyPair( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -950,48 +879,46 @@ nssCKFWMechanism_GenerateKeyPair &mdPublicKeyObject, &mdPrivateKeyObject); - if (CKR_OK != error) { - return error; - } + if (CKR_OK != error) { + return error; + } - *fwPublicKeyObject = nssCKFWObject_Create(arena, mdPublicKeyObject, - fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error); - if (!*fwPublicKeyObject) { - return error; - } - *fwPrivateKeyObject = nssCKFWObject_Create(arena, mdPrivateKeyObject, - fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error); + *fwPublicKeyObject = nssCKFWObject_Create(arena, mdPublicKeyObject, + fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error); + if (!*fwPublicKeyObject) { + return error; + } + *fwPrivateKeyObject = nssCKFWObject_Create(arena, mdPrivateKeyObject, + fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error); - return error; + return error; } /* * nssCKFWMechanism_GetWrapKeyLength */ NSS_EXTERN CK_ULONG -nssCKFWMechanism_GetWrapKeyLength -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM_PTR pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwWrappingKeyObject, - NSSCKFWObject *fwKeyObject, - CK_RV *pError -) +nssCKFWMechanism_GetWrapKeyLength( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM_PTR pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwWrappingKeyObject, + NSSCKFWObject *fwKeyObject, + CK_RV *pError) { - NSSCKMDSession *mdSession; - NSSCKMDObject *mdWrappingKeyObject; - NSSCKMDObject *mdKeyObject; - - if (!fwMechanism->mdMechanism->WrapKey) { - *pError = CKR_FUNCTION_FAILED; - return (CK_ULONG) 0; - } - - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject); - mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject); - return fwMechanism->mdMechanism->GetWrapKeyLength( + NSSCKMDSession *mdSession; + NSSCKMDObject *mdWrappingKeyObject; + NSSCKMDObject *mdKeyObject; + + if (!fwMechanism->mdMechanism->WrapKey) { + *pError = CKR_FUNCTION_FAILED; + return (CK_ULONG)0; + } + + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject); + mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject); + return fwMechanism->mdMechanism->GetWrapKeyLength( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -1012,28 +939,26 @@ nssCKFWMechanism_GetWrapKeyLength * nssCKFWMechanism_WrapKey */ NSS_EXTERN CK_RV -nssCKFWMechanism_WrapKey -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM_PTR pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwWrappingKeyObject, - NSSCKFWObject *fwKeyObject, - NSSItem *wrappedKey -) +nssCKFWMechanism_WrapKey( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM_PTR pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwWrappingKeyObject, + NSSCKFWObject *fwKeyObject, + NSSItem *wrappedKey) { - NSSCKMDSession *mdSession; - NSSCKMDObject *mdWrappingKeyObject; - NSSCKMDObject *mdKeyObject; - - if (!fwMechanism->mdMechanism->WrapKey) { - return CKR_FUNCTION_FAILED; - } - - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject); - mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject); - return fwMechanism->mdMechanism->WrapKey( + NSSCKMDSession *mdSession; + NSSCKMDObject *mdWrappingKeyObject; + NSSCKMDObject *mdKeyObject; + + if (!fwMechanism->mdMechanism->WrapKey) { + return CKR_FUNCTION_FAILED; + } + + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject); + mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject); + return fwMechanism->mdMechanism->WrapKey( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -1054,44 +979,42 @@ nssCKFWMechanism_WrapKey * nssCKFWMechanism_UnwrapKey */ NSS_EXTERN NSSCKFWObject * -nssCKFWMechanism_UnwrapKey -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM_PTR pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwWrappingKeyObject, - NSSItem *wrappedKey, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError -) +nssCKFWMechanism_UnwrapKey( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM_PTR pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwWrappingKeyObject, + NSSItem *wrappedKey, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulAttributeCount, + CK_RV *pError) { - NSSCKMDSession *mdSession; - NSSCKMDObject *mdObject; - NSSCKMDObject *mdWrappingKeyObject; - NSSCKFWObject *fwObject = NULL; - NSSArena *arena; - - if (!fwMechanism->mdMechanism->UnwrapKey) { - /* we could simulate UnwrapKey using Decrypt and Create object, but + NSSCKMDSession *mdSession; + NSSCKMDObject *mdObject; + NSSCKMDObject *mdWrappingKeyObject; + NSSCKFWObject *fwObject = NULL; + NSSArena *arena; + + if (!fwMechanism->mdMechanism->UnwrapKey) { + /* we could simulate UnwrapKey using Decrypt and Create object, but * 1) it's not clear that would work well, and 2) the low level token * may want to restrict unwrap key for a reason, so just fail it it * can't be done */ - *pError = CKR_FUNCTION_FAILED; - return (NSSCKFWObject *)NULL; - } - - arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError); - if (!arena) { - if (CKR_OK == *pError) { - *pError = CKR_GENERAL_ERROR; + *pError = CKR_FUNCTION_FAILED; + return (NSSCKFWObject *)NULL; + } + + arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError); + if (!arena) { + if (CKR_OK == *pError) { + *pError = CKR_GENERAL_ERROR; + } + return (NSSCKFWObject *)NULL; } - return (NSSCKFWObject *)NULL; - } - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject); - mdObject = fwMechanism->mdMechanism->UnwrapKey( + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject); + mdObject = fwMechanism->mdMechanism->UnwrapKey( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -1108,53 +1031,51 @@ nssCKFWMechanism_UnwrapKey ulAttributeCount, pError); - if (!mdObject) { - return (NSSCKFWObject *)NULL; - } + if (!mdObject) { + return (NSSCKFWObject *)NULL; + } - fwObject = nssCKFWObject_Create(arena, mdObject, - fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError); + fwObject = nssCKFWObject_Create(arena, mdObject, + fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError); - return fwObject; + return fwObject; } -/* +/* * nssCKFWMechanism_DeriveKey */ NSS_EXTERN NSSCKFWObject * -nssCKFWMechanism_DeriveKey -( - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM_PTR pMechanism, - NSSCKFWSession *fwSession, - NSSCKFWObject *fwBaseKeyObject, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError -) +nssCKFWMechanism_DeriveKey( + NSSCKFWMechanism *fwMechanism, + CK_MECHANISM_PTR pMechanism, + NSSCKFWSession *fwSession, + NSSCKFWObject *fwBaseKeyObject, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulAttributeCount, + CK_RV *pError) { - NSSCKMDSession *mdSession; - NSSCKMDObject *mdObject; - NSSCKMDObject *mdBaseKeyObject; - NSSCKFWObject *fwObject = NULL; - NSSArena *arena; - - if (!fwMechanism->mdMechanism->DeriveKey) { - *pError = CKR_FUNCTION_FAILED; - return (NSSCKFWObject *)NULL; - } - - arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError); - if (!arena) { - if (CKR_OK == *pError) { - *pError = CKR_GENERAL_ERROR; + NSSCKMDSession *mdSession; + NSSCKMDObject *mdObject; + NSSCKMDObject *mdBaseKeyObject; + NSSCKFWObject *fwObject = NULL; + NSSArena *arena; + + if (!fwMechanism->mdMechanism->DeriveKey) { + *pError = CKR_FUNCTION_FAILED; + return (NSSCKFWObject *)NULL; + } + + arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError); + if (!arena) { + if (CKR_OK == *pError) { + *pError = CKR_GENERAL_ERROR; + } + return (NSSCKFWObject *)NULL; } - return (NSSCKFWObject *)NULL; - } - mdSession = nssCKFWSession_GetMDSession(fwSession); - mdBaseKeyObject = nssCKFWObject_GetMDObject(fwBaseKeyObject); - mdObject = fwMechanism->mdMechanism->DeriveKey( + mdSession = nssCKFWSession_GetMDSession(fwSession); + mdBaseKeyObject = nssCKFWObject_GetMDObject(fwBaseKeyObject); + mdObject = fwMechanism->mdMechanism->DeriveKey( fwMechanism->mdMechanism, fwMechanism, pMechanism, @@ -1170,13 +1091,12 @@ nssCKFWMechanism_DeriveKey ulAttributeCount, pError); - if (!mdObject) { - return (NSSCKFWObject *)NULL; - } + if (!mdObject) { + return (NSSCKFWObject *)NULL; + } - fwObject = nssCKFWObject_Create(arena, mdObject, - fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError); + fwObject = nssCKFWObject_Create(arena, mdObject, + fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError); - return fwObject; + return fwObject; } - |